const InvalidAccessException = use('App/Exceptions/InvalidAccessException')
const ResourceNotExistException = use('App/Exceptions/ResourceNotExistException')

class AuthorizationService {
    verifyPermission (resource, user) {
        //不存在抛出异常
        if (!resource) {
            throw new ResourceNotExistException()
        }
        //非所有者抛出异常
        if (resource.user_id !== user.id) {
            throw new InvalidAccessException()
        }
    }
}

module.exports = new AuthorizationService()